@mcp-abap-adt/interfaces 9.1.0 → 9.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/CHANGELOG.md +5 -0
  2. package/package.json +5 -2
package/CHANGELOG.md CHANGED
@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [Unreleased]
9
9
 
10
+ ## [9.1.1] - 2026-07-01
11
+
12
+ ### Security
13
+ - **Bumped dev-only `axios` `^1.11.0` → `^1.18.1`** and added an `overrides` entry pinning `form-data` to `^4.0.6`, clearing all 25 Dependabot alerts (axios proxy-auth/prototype-pollution/SSRF/ReDoS advisories, `follow-redirects` `1.15.11`→`1.16.0` auth-header leak, `form-data` `4.0.5`→`4.0.6` CRLF injection). `axios` is only a devDependency here and is not shipped to consumers, so runtime exposure was negligible; no published API change.
14
+
10
15
  ## [9.1.0] - 2026-06-30
11
16
 
12
17
  ### Added
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@mcp-abap-adt/interfaces",
3
- "version": "9.1.0",
3
+ "version": "9.1.1",
4
4
  "description": "Shared interfaces for MCP ABAP ADT packages",
5
5
  "main": "dist/index.js",
6
6
  "types": "dist/index.d.ts",
@@ -49,7 +49,10 @@
49
49
  "devDependencies": {
50
50
  "@biomejs/biome": "^2.3.10",
51
51
  "@types/node": "^24.2.1",
52
- "axios": "^1.11.0",
52
+ "axios": "^1.18.1",
53
53
  "typescript": "^5.9.2"
54
+ },
55
+ "overrides": {
56
+ "form-data": "^4.0.6"
54
57
  }
55
58
  }